Lucene search
K

39 matches found

CVE
CVE
added 2024/12/06 12:0 a.m.52 views

CVE-2024-38926

CVE-2024-38926 affects the ROS 2 ecosystem (ROS 2 Humble and Nav2 Humble) and is due to a use-after-free in the nav2_amcl process. The vulnerability is triggered by remotely sending a request to change the dynamic-parameter /amcl z_short, indicating a remote-access impact vector. The CVSS v3.1 me...

9.8CVSS7.5AI score0.00571EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/12/06 12:0 a.m.3 views

PT-2024-28277 · Open Robotics · Ros2 +1

Name of the Vulnerable Software and Affected Versions: Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions Description: A use-after-free vulnerability was discovered in the nav2 amcl process of Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions. This issue i...

9.8CVSS7AI score0.00584EPSS
Exploits1References9
Vulnrichment
Vulnrichment
added 2024/12/06 12:0 a.m.10 views

CVE-2024-38926

Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggered via remotely sending a request for change the value of dynamic-parameter /amcl zshort...

7.5AI score0.00571EPSS
Exploits1References3
CVE
CVE
added 2024/12/06 12:0 a.m.68 views

CVE-2024-38927

ROS2 (Humble) and Nav2 humble include a use-after-free in the nav2_amcl process, exploitable by remotely changing the dynamic parameter /amcl do_beamskip. This vulnerability affects the nav2_amcl path and is rated critical. PT-/security advisories suggest interim mitigations: disable the nav2_amc...

9.8CVSS7.5AI score0.00571EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2024/12/06 12:0 a.m.53 views

CVE-2024-38923

Open Robotics ROS2 Humble and Nav2 Humble contain a use-after-free in the nav2_amcl process. The issue is triggered by a remote request to modify the dynamic parameter /amcl_odom_frame_id, enabling an attacker over the network to potentially compromise the affected system. CVSS indicates CRITICAL...

9.8CVSS7.6AI score0.00545EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2024/12/05 11:15 p.m.3 views

CVE-2024-38920

Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggerd via remotely sending a request for change the value of dynamic-parameter/amcl maxbeams...

9.1CVSS5.8AI score0.00508EPSS
Exploits0References3
NVD
NVD
added 2024/12/05 11:15 p.m.11 views

CVE-2024-38920

Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggerd via remotely sending a request for change the value of dynamic-parameter/amcl maxbeams...

9.1CVSS0.00508EPSS
Exploits0References3
OSV
OSV
added 2024/12/05 11:15 p.m.4 views

CVE-2024-38910

Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble version was discovered to contain a use-after-free in the nav2amcl process. This vulnerability is triggered via sending a request to change dynamic parameters...

7.5CVSS5.8AI score0.00508EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/05 12:0 a.m.3 views

Nav2 安全漏洞

Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that originates from a post-release reuse vulnerability contained in the nav2amcl process. An attacker exploiting this vulnerability could be triggered by remotely sending a request to...

9.1CVSS6.7AI score0.00508EPSS
Exploits0References1
CVE
CVE
added 2024/12/05 12:0 a.m.52 views

CVE-2024-38920

CVE-2024-38920 affects Open Robotics ROS 2 (ROS2) and Nav2 humble, describing a use-after-free in the nav2_amcl process. The vulnerability is triggered by remotely sending a request to change the dynamic parameter /amcl max_beams, enabling network-based attack with no user interaction. The CVSS 3...

9.1CVSS7.2AI score0.00508EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/12/05 12:0 a.m.5 views

CVE-2024-38920

Open Robotics Robotic Operating System 2 ROS2 and Nav2 humble versions were discovered to contain a use-after-free via the nav2amcl process. This vulnerability is triggerd via remotely sending a request for change the value of dynamic-parameter/amcl maxbeams...

7.5AI score0.00508EPSS
Exploits0References3
vulnersOsv
vulnersOsv
added 2022/05/24 4:47 p.m.5 views

br.com.ingenieux.jenkins.plugins:awseb-deployment-plugin (>=0.3.5 <=0.3.15), com.barchart.jenkins:maven-release-cascade (>=1.0.0 <=1.3.2) +109 more potentially affected by CVE-2019-10337 via org.jenkins-ci.plugins:token-macro (>=1.0 <=2.7)

org.jenkins-ci.plugins:token-macro MAVEN version =1.0, =0.3.5, =1.0.0, =1.14.1, =4.1.1, =1.7.2, =1.1.2, =0.18, =0.1, =2.5.8, =3.0, =1.0-alpha-1, =1.2.0-beta-1 and more Source cves: CVE-2019-10337 Source advisory: OSV:GHSA-G6H2-4X64-C59X...

7.5CVSS6.9AI score0.01999EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/05/13 1:15 a.m.5 views

br.com.ingenieux.jenkins.plugins:awseb-deployment-plugin (>=0.3.5 <=0.3.15), com.barchart.jenkins:maven-release-cascade (>=1.0.0 <=1.3.2) +109 more potentially affected by CVE-2019-1003011 via org.jenkins-ci.plugins:token-macro (>=1.0 <=2.5)

org.jenkins-ci.plugins:token-macro MAVEN version =1.0, =0.3.5, =1.0.0, =1.14.1, =4.1.1, =1.7.2, =1.1.2, =0.18, =0.1, =2.5.8, =3.0, =1.0-alpha-1, =1.2.0-beta-1 and more Source cves: CVE-2019-1003011 Source advisory: OSV:GHSA-23H9-M55M-C5JP...

8.1CVSS6.7AI score0.02039EPSS
Exploits0
Prion
Prion
added 2020/10/19 6:15 p.m.21 views

Remote code execution

A iccselectdymicparam expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

9CVSS9AI score0.0326EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/10/19 5:44 p.m.23 views

CVE-2020-7175

A iccselectdymicparam expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

9.1AI score0.0326EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2017/08/11 12:0 a.m.22 views

Hewlett Packard Enterprise Intelligent Management Center iccSelectDymicParam Expression Language Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Intelligent Management Center. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

9CVSS3.2AI score0.0572EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.43 views

IBM OmniFind Crawler Denial of Service Vulnerability

No description provided by source. Crawler endless loop CVE-2010-3899 The crawler has no recursion depth limit. A site with dynamic parameter manipulation can cause an endless loop. This loop will block the crawler thread and use permanent server resources. Too many blocks can lead to a denial of...

5CVSS0.3AI score0.03148EPSS
Exploits6
0day.today
0day.today
added 2010/11/10 12:0 a.m.66 views

IBM OmniFind Crawler Denial of Service Vulnerability

Exploit for multiple platform in category dos / poc ==================================================== IBM OmniFind Crawler Denial of Service Vulnerability ==================================================== Crawler endless loop CVE-2010-3899 The crawler has no recursion depth limit. A site wi...

7.1AI score0.03148EPSS
Exploits6
Exploit DB
Exploit DB
added 2010/11/09 12:0 a.m.50 views

IBM OmniFind Crawler - Denial of Service

Crawler endless loop CVE-2010-3899 The crawler has no recursion depth limit. A site with dynamic parameter manipulation can cause an endless loop. This loop will block the crawler thread and use permanent server resources. Too many blocks can lead to a denial of service. The same site will be...

5CVSS6.5AI score0.03148EPSS
Exploits6
Rows per page
Query Builder